Locking users in a specific Group -- remote access IPSec VPN on ASA

Unanswered Question
Jan 19th, 2010
User Badges:

Hi, Experts,

I am working on a project  trying to setup Remote Access IPsec VPN  for my customer. I am using a ASA 5520 terminating  VPN.  The authentication path is like this: ASA5520 --- ACS 3.2 ---- Token Server.  The Token server has accounts for all the employees of the company. The ACS server does not have any static accounts configured, it simply forward the Radius request to the Token server.  The Remote Access IPsec VPN is designed for sales department use only. I have setup the system, but under the current setup, anyone that has a token card can pass the authentication and connect to the VPN.

My question is: how to configure the ASA or ACS server to allow ONLY sales persons to connect to the VPN while using the company provided Token card.

Thanks a lot!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion

Related Content